CVE-2026-27998

Name of the Vulnerable Software and Affected Versions ThemeREX Vixus versions through 1.0.16

Description The software contains a flaw related to improper control of filenames used in include/require statements, potentially leading to PHP Local File Inclusion. The issue exists in ThemeREX Vixus.

Recommendations Update ThemeREX Vixus to a version later than 1.0.16.